endpoint detection and response (EDR)
GPTKB entity
Statements (50)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf | gptkb:cybersecurity_technology |
| gptkbp:alsoKnownAs | endpoint threat detection and response (ETDR) |
| gptkbp:analyzes | endpoint data |
| gptkbp:coinedBy | gptkb:Gartner; 2013 |
| gptkbp:component | cybersecurity strategy |
| gptkbp:detects | gptkb:malware; gptkb:advanced_persistent_threats_(APTs); insider threats; zero-day attacks; fileless malware |
| gptkbp:enables | incident response; malware analysis; threat hunting |
| gptkbp:focusesOn | endpoint devices |
| gptkbp:integratesWith | gptkb:security_information_and_event_management_(SIEM); security orchestration, automation, and response (SOAR); threat intelligence platforms |
| gptkbp:marketedAs | gptkb:CrowdStrike; gptkb:Sophos_Intercept_X; gptkb:McAfee; gptkb:Trend_Micro; gptkb:SentinelOne; gptkb:Microsoft_Defender_for_Endpoint; gptkb:Cisco_Secure_Endpoint; VMware Carbon Black |
| gptkbp:monitors | user behavior; network connections; registry changes; file activity; process activity |
| gptkbp:notableCollection | endpoint data |
| gptkbp:primaryUse | investigate security incidents; detect suspicious activities; respond to threats |
| gptkbp:provides | forensic analysis; real-time monitoring; automated response |
| gptkbp:relatedTo | gptkb:security; endpoint protection platforms (EPP); extended detection and response (XDR) |
| gptkbp:requires | cloud-based management console; endpoint agent |
| gptkbp:supports | compliance requirements |
| gptkbp:usedBy | IT security teams; security operations centers (SOCs) |
| gptkbp:bfsParent | gptkb:Zero_Trust_Security; gptkb:Extended_Detection_and_Response_(XDR) |
| gptkbp:bfsLayer | 7 |
| https://www.w3.org/2000/01/rdf-schema#label | endpoint detection and response (EDR) |